The Agent Skills Directory

[COMMAND_EXECUTION]: The skill requires Bash(cmd:*) permissions to execute local repository scripts, including pnpm run sync-marketplace and ./scripts/validate-all-plugins.sh, which are necessary for marketplace integration and CI readiness (referenced in SKILL.md).- [COMMAND_EXECUTION]: The skill utilizes jq to perform syntax validation on generated JSON configuration files, preventing the creation of malformed plugin metadata (referenced in SKILL.md).- [COMMAND_EXECUTION]: The skill manages file system permissions using chmod +x to ensure that generated scripts and hooks are executable by the host system (referenced in scripts/README.md).- [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection by ingesting untrusted user input and interpolating it into generated plugin files during the scaffolding process.
Ingestion points: User-provided plugin name, category, description, and keywords collected during the creation request.
Boundary markers: None; user content is directly inserted into template fields in plugin.json and README.md without delimiters.
Capability inventory: The skill has Write and Bash capabilities to create persistent files and execute local scripts within the repository.
Sanitization: Input processing is limited to jq syntax validation for JSON output and naming convention enforcement (kebab-case).- [SAFE]: All external references and author metadata point to the official domains and repositories of the developer, Jeremy Longshore (jeremylongshore.com, intentsolutions.io, tonsofskills.com).

plugin-creator